Cyber Security within Critical Infrastructure

Cyber attacks on critical infrastructure are indeed on the rise, the nations being targeted are many including the United States. At this point we can only speculate on who might actually be responsible for these attacks, but two things are clear. One is that these attacks are becoming very sophisticated which brings us to the second point. Given the amount of work and preparation required to be able to pull off these types of attacks, and because doing this for money would be counterproductive, the only possible explanation is that these are state sponsored hackers looking to exploit vulnerabilities in national cyber security.

Why cyber attacks target critical infrastructure?

There are hackers that hack just for sport, there are some that hack for money, and then you have hackers whose sole purpose is to destroy, these are obviously the most dangerous. The interesting thing here is that hacks on critical infrastructure are not new. In fact hackers have been targeting these sites for many years probably since the internet has been around.

In 2012 the Department of Homeland Security announced that they had located about 7,200 Key industrial control systems that had direct access to the internet. Not only that, they had very little or no security protocols in place. They even mentioned that one was discovered with a password of 1234.

Wars are costly to both sides and the reality is that no one really wins because of the money lost and the human casualties. By using these types of attacks any nation could potentially wreak havoc on another country with a much lower cost than an actual war and could potentially cause the deaths of thousands of people without them losing any. This seems to be the case, and this is only getting worse, but how real is the threat of Cyberwarfare?

How real is the threat of cyberwarfare?

The definition of Cyberwarfare is: “the use of computer technology to disrupt the activities of another nation or state”. This is already happening worldwide and has been happening for quite some time. In 2010, when Aurora was first discovered, it was in essence a hack directed towards Google and Adobe and other high profile companies. The level of sophistication is what caught people’s attention. China was later blamed for the attack that managed to steal sensitive information from several companies.

Who can forget about Stuxnet? A rootkit exploit that targeted SCADA systems. The idea was to cause malfunctions in the centrifuge infrastructure that were used to enrich uranium to weapon grade. Although several countries were affected, the one that took the most damage was Iran. It was later determined that American and Israeli hackers were the ones who created and distributed this malware.Cyber attacks are on the rise and although the reasons vary from anarchist trying to cause panic to well organized state sponsored attacks to your typical hacker that does it for money. It is clear that Cyberwarfare is already here and we can only expect it to get worse. Cyberwarfare has many advantages, for nations with a small army and not that much money, this is the perfect way to try to level the battleground, although if the attack causes enough human casualties, this could escalate into a “real” war. The fact is that Presidents are already expected to have opinions about this and hopefully a plan to improve national cyber security and try to mitigate the damages this might cause. For that to happen the people in charge need to understand how real this threat is.